CVE-2019-0708 Critical Security Advice from edgescan

May 17, 2019 / by

Windows CVE-2019-0708? This blog explains CVE-2019-0708, how to identify if you are vulnerable and highlights how this type of threat was identified in the edgescan 2019 Vulnerability Stats Report.   What is it? A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects […]

Read more

edgescan is CREST Approved for Penetration Testing

May 8, 2019 / by

BCC Risk Advisory/edgescan is CREST Accredited for Penetration Testing BCC Risk Advisory/edgescan recently applied for accreditation to CREST for our Penetration Testing services. CREST is a not-for-profit accreditation and certification body that represents and supports the technical information security industry. CREST provides internationally recognised accreditation for organisations providing technical security services and professional level certifications […]

Read more

VULNERABILITY METRICS Datasheet

May 7, 2019 / by

Click to download the Vulnerability Metrics Datasheet  

Read more

Selecting a Vulnerability Management MSSP

April 10, 2019 / by

Challenges facing MSSP Clients: Many organisations looking for a Managed Security Service Provider (MSSP) do so in order to save on staffing costs, solve the challenges of staff retention, and assume accuracy and effectiveness improvements.  Do you know what you are getting when engaging with a managed security provider? Are they experts in “everything security” […]

Read more

Popular WordPress WAF bypass Zeroday discovered by edgescan

April 9, 2019 / by

WordFence WAF XSS Bypass – CVE-2019-9669 by Anthony Yalcin A Web Application Firewall (WAF) is an application firewall that filters, monitors, and blocks malicious HTTP traffic. By inspecting HTTP traffic, it can prevent attacks related to web application security flaws, such as SQL injection, cross-site scripting (XSS), and security misconfigurations. WAFs may come in the […]

Read more

Don’t forget the fundamentals

April 3, 2019 / by

Firefighting: Looking back at 2018 the evidence supports that many organisations struggle with the fundamentals of maintaining a reasonably secure posture. We’re still seeing large amounts of vulnerabilities which have been common place for over 15 years. Items such as Cross-site scripting, SQL injection and command Injection, all are still relatively common. The question is […]

Read more

Achieving Secure Defence in Depth – Rahim Jina, COO/Co-Founder

April 1, 2019 / by

Achieving Secure Defence in Depth, a webinar organised by Infosecurity magazine, was an informative session of expert insight into the best practices to achieve a truly comprehensive security standpoint.   The one and only Dan Raywood (shout out to him for featuring among the 100 top influencers at this year’s RSA, according to a list […]

Read more

Edgescan Vulnerability Stats Report 2019

February 22, 2019 / by

The 2019 Vulnerability Stats Report is available here….

Read more

edgescan Metrics

February 12, 2019 / by

  During February we are releasing a new Vulnerability Metrics tab on the edgescan dashboard.   Currently Full Reporting & API access for metrics is available, so that you can report on any asset or vulnerability at any time, open or closed. We also offer the ability to report on assets that are tagged with […]

Read more

edgescan at RSA

February 12, 2019 / by

We’re at RSA San Francisco between March 4th and 8th demonstrating our SaaS based Vulnerability intelligence platform. Our CEO, Eoin Keary, COO, Rahim Jina and some of our senior team shall be in attendance. We shall be demonstrating how edgescan works, discussing our 2019 Vulnerability Stats Report and showing you “why edgescan”! There is a […]

Read more